I mostly agree with Mueller's thoughts, except I do think that cyber threats have already surpassed terrorism, but most people don't realize it. Terrorism is a tangible thing to everyone; all we have to do is look back at the 9/11 attacks or even the feeling of celebration many Americans had after the death of Bin Laden. Cyber threats are still emerging.

Government agencies are being attacked by cyber threats, but those threats seem to be floating under the major news wires at this point. For example, one such threat is an email attack against defense organizations around the world. Help Net Security reported two security companies, Zscaler and Seculert, have issued a warning about a bogus email meant to trick users into loading malware. According to the Zscaler blog:

The threat arrives in phishing emails with a PDF attachment, possibly related to conferences for the particular targeted industry. The PDF exploits a vulnerability within Adobe (for example, a 0-day exploit was used against CVE-2010-2883) which then drops a series of files to begin communicating with the command and control (C&C).

These aren't new attacks, Help Net Security pointed out, and they are believed to be executed by the same criminal group for the past 2 years. However, the article continued:

The general purpose of the dropped malware is to exfiltrate important information from the companies' systems, and given the targets, it's not far-fetched to assume that a nation-station is likely to be behind these attacks.

See what I mean about serious cyber threats flying below the radar of most news outlets?

As I continued to read the ABC News article about Mueller's testimony before the Senate Select Committee on Intelligence, as well as testimony by National Intelligence Director James Clapper, I admit I had to check the date of the article several times to make sure that it wasn't testimony from several years ago. Clapper was quoted in that article, saying:

We foresee a cyber-environment in which emerging technologies are developed and implemented before security responses can be put in place.

Based on conversations I've had with security experts over the past few years, Clapper's comments are old news. However, to many, this idea of a dangerous cyber environment is news, something they've never had any reason to think about before.